kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Penetration testing a civilian drone: Reverse engineering software in search for security vulnerabilities
KTH, School of Electrical Engineering and Computer Science (EECS).
KTH, School of Electrical Engineering and Computer Science (EECS).
2020 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesisAlternative title
Penetrationstestning på civil drönare (Swedish)
Abstract [en]

Civilian drones have become more popular in recent years. As an IoT (Internet of Things) device full of state of the art technologies, its level of security is highly relevant. That is why we chose to take a look at the previous research done in the field to see how the attack surface of civilian drones looks. This revealed that drones are especially vulnerable to GPS and WiFi-based attacks. Furthermore, there have also been vulnerabilities discovered in the applications used by different civilian drones. We took a closer look at a certain drone model, DJI Mavic 2 Zoom, by analyzing its internals and reverse engineering certain parts of its software architecture to see what attacks it could be vulnerable to. Our research revealed that the drone uses a proprietary protocol dubbed Ocusync. This means it is not vulnerable to the same attacks as drone models that use WiFi. However, the drone could still be as vulnerable to GPS spoofing attacks. Through reverse engineering, we also discovered a vulnerability in the software of the drone, which has been reported to the manufacturer.

Abstract [sv]

Civila drönare har under de senaste åren blivit mer populära. Som en IoT-enhet (Internet of Things) full av modern teknik är dess säkerhetsnivå mycket relevant. Det är därför vi valde att titta på den tidigare forskningen som har gjorts på området för att se hur attackytan på civila drönare ser ut. Detta avslöjade att de är särskilt sårbara för GPSoch WiFi-baserade attacker. Dessutom har det också upptäckts sårbarheter i applikationerna som används av olika civila drönare. Vi tittade närmare på en viss drönarmodell, DJI Mavic 2 Zoom, genom att analysera dess intern arkitektur och dekompilera vissa delar av programvaruarkitekturen för att se vilka attacker den kan vara sårbar för. Vår forskning avslöjade att drönaren använder ett proprietärt protokoll som kallas Ocusync. Det här innebär att drönaren inte är sårbart för samma attacker som modeller som använder WiFi. Däremot, kan drönaren vara lika sårbar för GPS-spoofing attacker. Med hjälp av dekompilering, upptäckte vi också en sårbarhet i drönarens mjukvara, som har rapporterats till tillverkaren.

Place, publisher, year, edition, pages
2020. , p. 38
Series
TRITA-EECS-EX ; 2020:353
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:kth:diva-280096OAI: oai:DiVA.org:kth-280096DiVA, id: diva2:1463784
Subject / course
Computer Science
Educational program
Master of Science in Engineering - Computer Science and Technology
Supervisors
Examiners
Available from: 2020-09-03 Created: 2020-09-03 Last updated: 2022-06-25Bibliographically approved

Open Access in DiVA

fulltext(515 kB)13922 downloads
File information
File name FULLTEXT01.pdfFile size 515 kBChecksum SHA-512
8eb99050a4b356dbbf353b8bb9129a8ac2a2909c4fdde964b9e73d613d810414abe33d7bf01367e47e655b9c6dc30e9830a506293e08b2c1fccb79529949dd4a
Type fulltextMimetype application/pdf

By organisation
School of Electrical Engineering and Computer Science (EECS)
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 13933 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 3419 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf